<?php

	include 'util.php';

//check if user is logged in
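	session_name('login');
	session_start();
	// Gate the page on an authenticated session. The ?? fallback also covers a
	// session that has no 'username' key at all.
	if (($_SESSION['username'] ?? '') === '')
	{
		// Redirect back to home and stop. header() only queues the Location
		// header; without exit the rest of this script, including the order
		// update below, would still execute for an anonymous visitor.
		header("location: /home.php");
		exit;
	}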
	
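	// Handle the payment form posted back from this page: attach the chosen
	// payment method to the session's order and close the order.
	if(isset($_POST['submitPayment']))
	{
		// NOTE(review): this state-changing POST carries no anti-CSRF token.
		// Issue a per-session token in the form and compare it here with
		// hash_equals() before touching the order.
		$ownerId = $_SESSION['userId'] ?? null;
		$orderId = $_SESSION['orderId'] ?? null;

		// paymentId is attacker-controlled; accept only an integer.
		$selectedPaymentId = filter_var($_POST['paymentId'] ?? null, FILTER_VALIDATE_INT);

		if ($ownerId !== null && $orderId !== null && $selectedPaymentId !== false)
		{
			// Assumes getMySqlConnection() returns a mysqli handle, as the
			// fetch_assoc() calls on its results elsewhere in this file suggest.
			$dbConnection = getMySqlConnection();

			$date = date('Y/m/d');

			// Values are bound, never interpolated. The extra predicates make
			// the update a no-op unless both the order and the payment method
			// belong to the logged-in user, so a forged paymentId cannot attach
			// another customer's card to this order.
			$statement = $dbConnection->prepare(
				"UPDATE orders
					SET payment_id = ?, active_ind = 0, date = ?
					WHERE order_id = ? AND person_id = ?
					AND EXISTS (SELECT 1 FROM payment WHERE payment_id = ? AND person_id = ?)"
			);

			if ($statement !== false
				&& $statement->bind_param('isiiii', $selectedPaymentId, $date, $orderId, $ownerId, $selectedPaymentId, $ownerId)
				&& $statement->execute())
			{
				// Stop after queuing the redirect so the checkout page is not
				// rendered behind it.
				header("location: /invoice.php");
				exit;
			}
		}
		// Invalid input or a failed statement falls through and re-renders the
		// checkout page instead of redirecting to the invoice.
	}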
	
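	$userId = $_SESSION['userId'] ?? null;
	// Look up the products in the user's active cart.
	// Assumes getMySqlConnection() returns a mysqli handle, as the
	// fetch_assoc() calls on its results in this file suggest.
	$dbConnection = getMySqlConnection();

	// person_id is bound as a parameter instead of being spliced into the SQL
	// text, so the statement's shape does not depend on the session value.
	$cartStatement = $dbConnection->prepare(
		"SELECT * FROM products WHERE product_id IN
				(SELECT product_id FROM cart WHERE order_id =
				(SELECT order_id FROM orders WHERE person_id = ? AND active_ind = 1))"
	);

	$result = false;
	if ($cartStatement !== false
		&& $cartStatement->bind_param('s', $userId)
		&& $cartStatement->execute())
	{
		// get_result() requires the mysqlnd driver.
		$result = $cartStatement->get_result();
	}

	if ($result === false)
	{
		// The table below calls $result->fetch_assoc(); fail here, before any
		// output, rather than with a fatal error in the middle of the page.
		http_response_code(500);
		exit('Unable to load the cart.');
	}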
	
// 	$cartArray = $result->fetch_assoc();
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
               
<html>
<head>
	<link rel="StyleSheet" type="text/css" href="css/tcaparrel.css">
	<link rel="StyleSheet" href="css/header.css" type="text/css">
	<script type="text/javascript" src="javascript/tcaparrel.js">
	</script>
</head>

<body >
<div class="contentWrapper">
	<div class="header">
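		<?php 
		// The session is normally already open from the top of this script.
		// Calling session_name()/session_start() again on an active session
		// raises warnings, which can be printed into the page now that output
		// has begun, so only start one when none is active.
		if (session_status() === PHP_SESSION_NONE)
		{
			session_name('login');
			session_start();
		}

		// Pick the header fragment that matches the login state.
		if(isset($_SESSION['username']))
		{
			include('loggedInUserHeader.php');
		}
		else
		{
			include ('loginformheader.php');
		}
		?>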
	</div>
	
	<div class="menubarContentWrapper">
			<div class="menubar">
				<div class="menuItem" onclick="sweatshirts_click()"><label style="cursor: inherit">SweatShirts</label></div>
				<div class="menuItem" onclick="hats_click()"><label style="cursor: inherit">Hats</label></div>
				<div class="menuItem" onclick="tshirts_click()"><label style="cursor: inherit">T-Shirts</label></div>
				<div class="menuItem" onclick="pants_click()"><label style="cursor: inherit">Pants</label></div>
			</div>
	</div>
	
	<div class="body">
		<h1>Checkout Info</h1>
		
		<table class='allUsers'>
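			<?php 
				//add remove button
				// Render one table row per cart product and accumulate the total.
				$totalPrice = 0;
				while ($cartItem = $result->fetch_assoc())
				{
					// Product fields come from the database and are written into
					// HTML, so encode them for that context; a product name that
					// contains markup must render as text, not as script.
					$name = htmlspecialchars((string) $cartItem["product_name"], ENT_QUOTES | ENT_SUBSTITUTE);
					$category = htmlspecialchars((string) $cartItem["category"], ENT_QUOTES | ENT_SUBSTITUTE);
					$price = $cartItem["price"];
					
					// Sum the raw value; only the displayed copy is encoded.
					$totalPrice = $totalPrice + $price; 
					$displayPrice = htmlspecialchars((string) $price, ENT_QUOTES | ENT_SUBSTITUTE);
					
					// \$ is a literal dollar sign in front of the price.
					echo "<tr><td class='allUsers'>$name</td><td class='allUsers'>$category</td><td class='allUsers'>\$$displayPrice</td></tr>";
				}
			?>	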
			<tr>
				<td>
				Total: 
				</td>
				<td> $
					<?php 
						// Emit the cart total that was summed while the rows were rendered.
						print $totalPrice;
					?> 
				</td>
			</tr>
		</table>
		
		<form action="checkoutInfo.php" method="post" >
			<select name="paymentId">
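				<?php 
					// Build one <option> per payment method saved for the user.
					$userId = $_SESSION['userId'] ?? null;
				
					// person_id is bound rather than interpolated. Only the last
					// four digits are selected, so the full card number never
					// reaches this page's memory or output.
					// NOTE(review): card_number appears to be stored in full in
					// the payment table; keeping only a processor token plus the
					// last four digits would reduce what a database leak exposes.
					$paymentStatement = $dbConnection->prepare(
						"SELECT payment_id, card_type, RIGHT(card_number, 4) AS card_last4 FROM payment WHERE person_id = ?"
					);
					
					$paymentTypesResult = false;
					if ($paymentStatement !== false
						&& $paymentStatement->bind_param('s', $userId)
						&& $paymentStatement->execute())
					{
						// get_result() requires the mysqlnd driver.
						$paymentTypesResult = $paymentStatement->get_result();
					}
					
					// A failed lookup renders an empty list instead of a fatal
					// error in the middle of the form.
					while($paymentTypesResult !== false && ($paymentType = $paymentTypesResult->fetch_assoc()))
					{
						// ENT_QUOTES matters here: the value attribute below is
						// delimited with single quotes.
						$paymentId = htmlspecialchars((string) $paymentType["payment_id"], ENT_QUOTES | ENT_SUBSTITUTE);
						$cardType = htmlspecialchars((string) $paymentType["card_type"], ENT_QUOTES | ENT_SUBSTITUTE);
						$lastFour = htmlspecialchars((string) $paymentType["card_last4"], ENT_QUOTES | ENT_SUBSTITUTE);
						$modCardNumber = "XXXX-XXXX-XXXX-" . $lastFour; 
						
						echo "<option value='$paymentId'>$cardType $modCardNumber</option>";
					}
				?>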
			</select>
			
			<a href="addNewCard.php">Add New</a>
			
			<br/><input type="submit" name="submitPayment" value="Submit"/>
			
		</form>
		
	</div>
	
	<div class="footer"></div>
</div>
</body>

</html>